[BITList] Drone hijacked by hackers

franka franka at iinet.net.au
Tue Jul 3 15:06:50 BST 2012 

  This couldTurn out pretty expensive

frank



  Drone hijacked by hackers from Texas college with $1,000 spoofer

by Lisa Vaas <http://nakedsecurity.sophos.com/author/nslisavaas/> on 
July 2, 2012 
<http://nakedsecurity.sophos.com/2012/07/02/drone-hackedwith-1000-spoofer/#idc-container>

Filed Under: Featured 
<http://nakedsecurity.sophos.com/category/featured/>, Vulnerability 
<http://nakedsecurity.sophos.com/category/vulnerability/>

[Drone image, courtesy of Shutterstock] Researchers at the University of 
Texas at Austin hacked and hijacked a drone in front of the dismayed 
Department of Homeland Security officials who had dared them $1,000 to 
do it.

According to exclusive coverage 
<http://www.foxnews.com/scitech/2012/06/25/drones-vulnerable-to-terrorist-hijacking-researchers-say/> 
of the event from Fox News, the researchers flew the small surveillance 
drone over the Austin stadium last Monday.

The drone followed a series of GPS waypoints programmed into its flight 
computer in what initially looked like a routine flight.

At one point, the drone veered off course from its intended flight path.

It banked hard to the right, "streaking" toward the south, before it 
turned to hurtle at the ground in what looked like imminent drone 
suicide, according to Fox's description.

A safety pilot radioed the drone - which was owned by the university, 
according to Reuters 
<http://rt.com/usa/news/texas-1000-us-government-906/> - and forced it 
to pull up just a few feet before it would have crashed into the field.

The demonstration of the near-disaster, led by Professor Todd Humphreys 
and his team at the UTA's Radionavigation Laboratory 
<http://radionavlab.ae.utexas.edu/>, points to a "gaping hole" in the 
US's plan to open US airspace to thousands of drones, Fox noted: namely, 
drones can be turned into weapons, given the right equipment.

The researchers managed to hack the drone with a spoofer they put 
together with about $1,000 worth of parts.

[Department of Homeland Security] The Department of Homeland Security 
traditionally has been concerned with GPS jammers - the method of 
interference that some believe Iran used to bring down a US spy drone 
<http://www.csmonitor.com/World/Middle-East/2011/1215/Exclusive-Iran-hijacked-US-drone-says-Iranian-engineer-Video> 
in December.

But others, including an anonymous Iranian engineer quoted by the 
Christian Science Monitor 
<http://www.csmonitor.com/World/Middle-East/2011/1215/Exclusive-Iran-hijacked-US-drone-says-Iranian-engineer-Video>, 
say that Iran actually used the same spoofing technique that the Texas 
researchers demonstrated.

Spoofing allows a hacker to take control of a GPS-guided drone and force 
it to do whatever the attacker commands.

According to the Christian Science Monitor 
<http://www.csmonitor.com/World/Middle-East/2011/1215/Exclusive-Iran-hijacked-US-drone-says-Iranian-engineer-Video>, 
this is how the engineer described the Iranians' use of spoofing:

    The 'spoofing' technique that the Iranians used - which took into
    account precise landing altitudes, as well as latitudinal and
    longitudinal data - made the drone 'land on its own where we wanted
    it to, without having to crack the remote-control signals and
    communications' from the US control center, says the engineer.

Spoofing involves mimicking the signals of the drone's global 
positioning device and eventually taking it over completely by sending 
stronger signals than the unmanned aerial vehicle's (UAV's) legitimate 
commands.

Humphreys claims that the $1,000 spoofer he and his team rigged up to 
hack the university's drone last Monday is the most advanced one ever 
built.

He also says that the implications of a UAV's vulnerability to this type 
of spoofing are serious. Here's how he described the potential scenario 
to Fox News:

    In 5 or 10 years you have 30,000 drones in the airspace... Each one
    of these could be a potential missile used against us.

[UAV image, courtesy of Shutterstock] Meanwhile, the Pentagon and drone 
manufacturers in February pressured Congress to order the Federal 
Aviation Administration (FAA) to cook up rules that allow government and 
commercial use of drones in the US by 2015 - an idea that raises serious 
privacy concerns, with the prospect of police drones keeping watch on 
citizens already a reality 
<http://www.cbsnews.com/8301-505263_162-57409759/drone-use-in-the-u.s-raises-privacy-concerns/>. 


Should we trust the US government to darken the skies above us with 
surveillance UAVs?

On privacy grounds it seems an obvious "No", and apparently not on "make 
sure those things aren't aimed at our heads" grounds either. From Fox News:

    DHS is attempting to identify and mitigate GPS interference through
    its new 'Patriot Watch' and 'Patriot Shield' programs, but the
    effort is poorly funded, still in its infancy, and is mostly geared
    toward finding people using jammers, not spoofers.

    The potential consequences of GPS spoofing are nothing short of
    chilling. Humphreys warns that a terrorist group could match his
    technology, and in crowded U.S. airspace, cause havoc.

    "I'm worried about them crashing into other planes," he told Fox
    News. "I'm worried about them crashing into buildings. We could get
    collisions in the air and there could be loss of life, so we want to
    prevent this and get out in front of the problem."

We're being protected from these chilling scenarios by "poorly funded" 
programs that are "still in their infancy"?

I don't have much faith in Congress standing up to the Pentagon and 
drone manufacturers, so Mr. Humphreys and your team, thanks for getting 
in front of the problem.

Let's hope the DHS joins you, preferably before we've got hackable 
juggernauts flying over us

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.bcn.mythic-beasts.com/pipermail/bitlist/attachments/20120703/f449889a/attachment-0001.shtml 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: drone.jpg
Type: image/jpeg
Size: 4567 bytes
Desc: not available
Url : http://lists.bcn.mythic-beasts.com/pipermail/bitlist/attachments/20120703/f449889a/attachment-0003.jpg 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dhs.jpg
Type: image/jpeg
Size: 14328 bytes
Desc: not available
Url : http://lists.bcn.mythic-beasts.com/pipermail/bitlist/attachments/20120703/f449889a/attachment-0004.jpg 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: uav.jpg
Type: image/jpeg
Size: 5718 bytes
Desc: not available
Url : http://lists.bcn.mythic-beasts.com/pipermail/bitlist/attachments/20120703/f449889a/attachment-0005.jpg

More information about the BITList mailing list